Recently the India National Centre for Communication Security (NCCS) has introduced a significant relaxation in security certification requirements for telecom products declared as End of Sale (EoS) or End of Life (EoL). This aims to simplify compliance procedures for legacy equipment. Earlier, such products were exempted from initial security testing if EoS was declared prior to the ITSAR enforcement date (as per NCCS/HQ/COMSEC/2023-24/III dated 19.09.2024). However, internal test reports were still required for any updates or modifications. 

Key tips: 

The requirement to submit internal test reports has now been removed. OEMs can now apply for a Provisional Security Certificate using the “Upgrade ER to ER+ITSAR” flow on the MTCTE portal. Instead of internal test reports, the applicant must: 

• Declare EoS/EoL dates  

• Submit a Self-Declaration of Conformity (SDoC) to the applicable ITSAR  

• No Security Report Evaluation Fee will apply.   

Validity: Up to 5 years, or until the residual validity of the ER certificate, or the EoL date—whichever comes earlier. 

This move streamlines security compliance for discontinued product lines, while maintaining transparency and baseline security assurance. 

Related authority link: https://nccs.gov.in/public/latest_updates/SecurityCertificationEOS.pdf 

For full support with your global market access requirements or regulatory intelligence needs please contact us at customer-service@vscbcorp.com